Home / malware TrojanSpy:Win32/Banker.APN
First posted on 06 January 2017.
Source: MicrosoftAliases :
There are no other names known for TrojanSpy:Win32/Banker.APN.
Explanation :
Installation
This threat modifies the hosts files on your PC to redirect network traffic:
\drivers\etc\hosts
It modifies the registry so that it runs each time you start your PC:
In subkey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sets value: "Update"
With data: ""
Payload
Collects your sensitive information
This threat can collect sensitive information without your consent, including:
- The keys you press
- The applications you open
- Your web browsing history
- Your credit card information
- Your user names and passwords
It can also imitate a legitimate website to lure you into revealing sensitive information.
This malware description was published using automated analysis of file SHA1 36f6aa5100d0f6b6c8e6018657d808d2f4de4fcd.Last update 06 January 2017
